Sadly rdiff-backup is no long under development, the last maintainer
seemed to lose interest after March 2009 and no one has picked up the
baton. I still find it very powerful and reliable for backing up data
from Windows machines to a Linux backup server - I'm not bothered about
permissions, though. (Note that the rdiff-backup option --no-acls works
both for Posix and Windows systems.)

Hmmm, well there's something I haven't tried. However, as I understand
it (which may well be wrong of course) the rdiff-backup options about
ACLs (e.g. --no-acls) all apply to POSIX ACLs. Windows ACLs are not
POSIX ACLs and, in fact, are handled by a different Python module. I
also believe that under Windows the ACLs are basically the _only_
security mechanism so to disable them would loose all permissions info.

But in any case for ACLs rdiff-backup requires the pylibacl and
pyxattr modules. My standard rdiff-backup installation (under Ubuntu
12.04) does not have pylibacl or pyxattr. You can check whether you
have them in your Debian with:
pydoc modules|egrep -o "(pylibacl|pyxattr)"

'pydoc' spits out a bunch of errors for me but:
----
address@hidden:~> dpkg -s python-pylibacl | grep Status
Status: install ok installed
address@hidden:~> dpkg -s python-pyxattr | grep Status
Status: install ok installed
----
This extract from a linux-linux backup is suggestive:
----
/usr/lib/pymodules/python2.6/rdiff_backup/SetConnections.py:148:
DeprecationWarn
ing: os.popen2 is deprecated. Use the subprocess module.
stdin, stdout = os.popen2(remote_cmd)
Unable to import win32security module. Windows ACLs
not supported by filesystem at /buckbeak/root/home
escape_dos_devices not required by filesystem at /buckbeak/root/home
Using rdiff-backup version 1.2.8
Executing ssh -C address@hidden rdiff-backup --server
-----------------------------------------------------------------
Detected abilities for source (read only) file system:
Access control lists On
Extended attributes On
Windows access control lists Off
Case sensitivity On
Escape DOS devices Off
Escape trailing spaces Off
Mac OS X style resource forks Off
Mac OS X Finder information Off
-----------------------------------------------------------------
Unable to import win32security module. Windows ACLs
not supported by filesystem at home/rdiff-backup-data/rdiff-backup.tmp.0
escape_dos_devices not required by filesystem at
home/rdiff-backup-data/rdiff-backup.tmp.0
-----------------------------------------------------------------
Detected abilities for destination (read/write) file system:
Ownership changing On
Hard linking On
fsync() directories On
Directory inc permissions On
High-bit permissions On
Symlink permissions Off
Extended filenames On
Windows reserved filenames Off
Access control lists On
Extended attributes On
Windows access control lists Off
Case sensitivity On
Escape DOS devices Off
Escape trailing spaces Off
Mac OS X style resource forks Off
Mac OS X Finder information Off
-----------------------------------------------------------------
----
First, note that both source and destination show "Access control lists"
and "Extended attributes" as "On". Presumably if pylibacl and/or
pyxattr were not installed they would be "Off". Second, and more to the
point, are these lines:
Unable to import win32security module. Windows ACLs
not supported by filesystem at /buckbeak/root/home
[...]
Windows access control lists Off
I believe _Windows_ ACLs are handled in module win32security. Now the
log files from the windows native client doing a windows-linux backup
shows "Windows access control lists" as "On" on the source (windows)
filesystem but "Off" on the destination filesystem. This is okay though
because rdiff-backup stores the windows ACL data in a file under
rdiff-backup-data on the destination. The file name is of the form
win_access_control_lists.<timestamp>.snapshot.gz.
Examining this file (after reading up on windows ACLs on the web) looks
like the windows ACLs are stored correctly. For example, previously I
posted that Windows showed the permissions for the "Leland" directory to
be
--------
SYSTEM: <not inherited>, Full Control, This folder, subfolders and files
Leland: <not inherited>, Full Control, This folder, subfolders and files
Administrators: <not inherited>, Full Control, This folder, subfolders
and files
--------
Now the first few lines of win_access_control_lists...gz are:
--------
# file: .
O:SYG:SYD:P(A;OICI;FA;;;SY)(A;OICI;FA;;;BA)(A;OICI;FA;;;S-1-5-21-182347274-1911788080-2948552075-1007)
--------
This is admittedly cryptic but (as best I can tell) says for directory
"Leland" (the top-level source directory):
Owner: SYSTEM
Group: SYSTEM
Permissions:
Allow SYSTEM: Full Access, Object Inheritance, Container Inheritance
Allow Administrators: Full Access, Object Inheritance, Container
Inheritance
Allow Leland: Full Access, Object Inheritance, Container Inheritance
which looks about right. So, whatever is going wrong must be on the
restore side. While this narrows things down a bit, I'm no Python Guru
so I'm not sure where to go next. Perhaps try to rebuild the
rdiff-backup win32 native client using more recent versions of the
win32security module? Or something? Any hints would be appreciated.
Is there an active developers list for rdiff-backup and should I perhaps
post there?

Could this be your problem?

Given the above plus the fact that a Windows-Windows local
backup-restore cycle fails it seems unlikely. But thanks for your
suggestion.
[...rest of reply deleted...]
Cheers
Leland